package com.flowerSystem.config;
import com.flowerSystem.constant.JwtClaimsConstant;
import com.flowerSystem.entity.User;
import com.flowerSystem.mapper.ShiroMapper;
import com.flowerSystem.properties.JwtProperties;
import com.flowerSystem.util.JwtUtil;
import com.flowerSystem.vo.UserLoginVO;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;


import javax.annotation.Resource;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class MybatisRealm extends AuthorizingRealm {
    @Resource
    ShiroMapper shiroMapper;
    @Resource
    private JwtProperties jwtProperties;

    /**
     * 认证
     * 认证流程
     * 1、从token中取出用户登录时填写的账号密码
     * 2、根据用户登录时填写的账号去数据库中查找密码
     * 2.1、根据账号查询不到密码，账号不存在
     * 2.2、根据账号查找到了密码，但是与用户输入的密码不一致，说明密码错误
     * 2.3、根据账号从数据库查找到了密码，和用户输入一直，认证成功
     */
    protected SimpleAuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) {
        //1、从token中取出用户登录时填写的账号密码
        String account = (String) authenticationToken.getPrincipal();

        String credentials =new String((char[]) authenticationToken.getCredentials());
        //2、根据用户登录时填写的账号去数据库中查找密码
        User user = shiroMapper.getUser(account);
        //2.1、根据账号查询不到密码，账号不存在
        if (user==null || !(user.getPassword().equals(credentials))){
            return null;
        }
        //登录成功后生成jwt令牌
        Map<String, Object> claims = new HashMap<>();
        claims.put(JwtClaimsConstant.USER_ID, user.getId());
        String token = JwtUtil.createJWT(
                jwtProperties.getUserSecretKey(),
                jwtProperties.getUserTtl(),
                claims);
        System.out.println(token);

        UserLoginVO userLoginVO = UserLoginVO.builder()
                .id(user.getId())
                .username(user.getUsername())
                .token(token)
                .build();




        //2.3、根据账号从数据库查找到了密码，和用户输入一直，认证成功
        return new SimpleAuthenticationInfo(userLoginVO,user.getPassword(),getName());

    }

    /**
     * 授权
     * 授权流程
     * 1、根据参数principalCollection 取出用户认证通过的账号
     * 2、根据账号去数据库中查询有哪些角色和权限
     * 3、将角色和权限全部添加到授权信息中
     */
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
////        根据参数principalCollection 取出用户认证通过的账号
//        String principal =(String) principalCollection.getPrimaryPrincipal();
////        根据账号去数据库中查询有哪些角色和权限
//        List<String> roles = shiroMapper.getRoleByAccount(principal);
//        List<String> permitions = shiroMapper.getPermitionByAccount(principal);
////        将角色和权限全部添加到授权信息中
//        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//        authorizationInfo.addRoles(roles);
//        authorizationInfo.addStringPermissions(permitions);
//        return authorizationInfo;
        return null;
    }
}
